Managing Database Access

Database access is managed through the ACL. For a user to access the database, one of the following conditions must be true.

• The -Default- access level is set to Reader, Author, Editor, Designer, or Manager.
• The user is explicitly included in the ACL.
• The user is a member of a group in the ACL.

Based on these rules, the user will either be permitted to utilize the database or denied access altogether. The following explains how to add users to the database. After they are added, you can specify the user type, access level, and (optionally) the roles associated with the users.

Note

Only users assigned "Manager" access can modify the ACL. Alternatively, depending on the setup of the Domino Directory, you may also have the authority to add and remove users from various access groups.

Setting the Default Access

All databases automatically incorporate a special user called -Default- in the ACL. The access permissions associated with this user are, by default, applied to any user not explicitly specified in the ACL or included in an access group. Follow these steps to modify the default access settings for a database application.

Step 1.	Locate and highlight the database in the Lotus Notes client workspace.
Step 2.	Open the ACL. Select the database and choose the File > Database > Access Control menu options. This will display the ACL dialog.
Step 3.	Modify the default access settings for the database. Locate and click on the -Default- user. Modify the database permissions and change the access level, user type, and roles as desired (see Figure 19.5). Figure 19.5. Access type attribute associated with Person, Group, or Server

Caution

Depending on the version, Lotus Notes automatically assigns "Manager" access to the -Default- user when a new database is created. As a best practice, you should immediately change this value to something other than Manager or Designer after creating a new database. Otherwise, literally anyone will have the ability to modify the design, delete documents, and/or change the ACL settings.

Adding Users to the ACL

This section outlines the steps to add an individual user to the ACL. In general, this process should be used to manage a limited number of users. Where possible, consider using access groups (described in the next section) to manage a large number of users with similar attributes. To add users to the access list, you must have "Manager" authority. Follow these steps:

Tip

If you need to add a user to the ACL who happens to require similar security settings as another user, you can use the quick add function. First, click on the existing user in the ACL and then select the Add button. The new user will then have the same security properties as the existing user in the ACL.

Note

Some organizations restrict the ability to assign "Manager" access to users in the database ACL. If this is true for your organization, consider utilizing groups to manage database access. After the administrator has established a group in the ACL, users can be added and removed by editing the group stored in the Notes Address Book.

Adding Groups to the ACL

Start by creating the group name in the Domino Directory. After it is created, users can be added and removed from the group without having to modify the Notes database ACL. Next, add the group name. You add groups much as you would add a person by either manually typing the group name or selecting it from the Domino Directory and assigning permissions.

Step 1.	Locate and open the Domino Directory on the server where the database resides. The Domino Directory is the server address book (which is different from your Personal Address Book that is associated with your Lotus Notes client). Typically, the database title includes the server name followed by "directory". For instance, if the server name were MYSERVER, then the database title would be "MYSERVERs Directory".
Step 2.	Create the Group. Expand the Groups category in the left navigation pane and select a view (such as by Organization). The view displayed may vary based on the database design (see Figure 19.7). Figure 19.7. Location of the Groups view in the Domino Directory To create a group, select the Add Group button located at the top of the view and complete the form. Specify a group name and a brief description of the group and list all members associated with the group (see Figure 19.8). Figure 19.8. Form used to create Groups in the Domino Directory Note Consider including the access level in the group name so that you can easily determine what group is assigned to a particular access level. For example, say you have a database that tracks business financials. You might have a group for users with Reader, Author, and Editor access. The group name for users with Editor access might be "FinanceDB-Editors". Using this approach, you can quickly determine the purpose of the group, database, and access level from the Domino Directory. After these values are set, save and close the document. This will add the group to the Domino Directory, and it can now be used by the Lotus Notes client (such as for an email distribution list) or a Notes database (to assign database access to the users in the ACL).
Step 3.	Define access permissions for the group. Select the database and choose the File > Database > Access Control menu options. This will display the ACL dialog. Select the Add button from the ACL dialog window. This will display the Add User prompt (see Figure 19.9). Figure 19.9. Specifying a group name in the Add User dialog Manually enter the group name or click the icon (located to the right of the field) to select a group from the Domino Directory (see Figure 19.10). Figure 19.10. Setting the user type and database attributes for a Group Click OK to add the entry to the ACL. Tip When adding several different types of groups to the ACL, consider incorporating the access level in the group name. Lets say, for example, there are three unique groups associated with the "Defect" databaseusers with read-only access, author access, and editor access. Based on this scenario, example group names could include DefectReaders, DefectAuthors, or DefectEditors. Group names can include spaces. Whether spaces are included or omitted is a personal style or organizational preference.
Step 4.	Set access permissions. After the group has been created, change the User type to Person Group, Server Group, or Mixed Group and then set the Access level (such as Editor).
Step 5.	(Optional) Set any additional permission such as the ability to Delete documents, Create private agents, Create personal folders/views, Create shared folders/views, or Create LotusScript/JavaScript agents.
Step 6.	Repeat this process for each new group and click OK to apply all security changes to the database.

Configuration of the ACL group is now complete. Users can be added or removed from the database access list using the group stored in the Domino Directory.

Tip

Domino server administrators sometimes create special groups in the Domino Directory, such as "Administrators" and "DenyAccess", which are also included in the ACL for all databases. The "Administrators" group might contain a list of all Domino developers or server administrators. The access level for this group might be "Designer" or "Manager". The "DenyAccess" group, on the other hand, might contain a list of users that should not have access to the database. By adding this group to all databases, a user name can be inserted in the group and instantly denied access to all databases on the server. This might be used for a terminated or disgruntled employee. Work with your Domino server administrator regarding implementation of these groups and understanding the business policies in place for your server.

Creating Access Roles

To create a role, select the File > Database > Access Control menu options to open the ACL dialog. By default, the Basics tab should be active. Next, click on the Roles tab (left side) and select the Add button (located at the bottom of the dialog window). This will display a new popup window called Add Role. Specify the name of the role and click OK to apply the change. Repeat this process for each role associated with the database.

With roles in place, switch back to the Basics tab. To assign the role to a user, server, or group, click on the entry and then select one or more roles. After all roles have been created and assigned, click OK to complete the ACL settings. Finally, incorporate the roles into the design of the database.

An Introduction to the Lotus Domino Tool Suite An Introduction to the Lotus Domino Tool Suite Product Overview Links to developerWorks Getting Started with Designer Getting Started with Designer Installing the Designer Client Launching the Designer Client Creating My First Notes Database Links to developerWorks Navigating the Domino Designer Workspace Navigating the Domino Designer Workspace An Introduction to Designer The Design Pane The Work Pane The Object Pane The Programmers Pane The Action Pane Design Tabs Language Selector Client and Browser Selector Status Bar Links to developerWorks Domino Design Elements Domino Design Elements Building Blocks of a Notes Database Naming Design Elements Working with Forms Working with Fields Working with Layout Regions Working with Sections Working with Buttons Working with Views Working with Application Menus Working with Folders Working with Framesets Working with Pages Working with Shared Code Working with Shared Resources Links to developerWorks An Introduction to Formula Language An Introduction to Formula Language What Is Formula Language? What Is a Formula? Working with Variables Formula Language Keywords Working with Operators General Syntax Rules What Are Functions and Commands? What Are Commands? Working with Text Strings Working with Conditional Branching Working with Iterative Loops Working with Lookup Functions Working with Dates Working with Lists Working with User Prompts Links to developerWorks An Introduction to LotusScript An Introduction to LotusScript Introduction to Object-Oriented Programming LotusScript Classes Keywords Variables Constants Operators Comments Defining Variables and Constants Defining Object Reference Variables Working with Conditional Branching Working with Iterative Loops Communicating with Users Working with Arrays Using Formula Language in LotusScript Code Compiling LotusScript Code Links to developerWorks Fundamentals of a Notes Application Fundamentals of a Notes Application The Five Primary Application Types The Application Development Life Cycle Elements of a Project Plan Elements of a Project Schedule Questions to Ask When Designing a Database Designing a Notes Application Links to developerWorks Calendar Applications Calendar Applications Application Architecture Managing Recurring Events Using Single Documents Managing Recurring Events Using Multiple Documents Project A: Build an Event Calendar Project B: Build a Conference Room Reservation System Links to developerWorks Collaborative Applications Collaborative Applications Project A: Build a Discussion Forum Project B: Build a Project Control Notebook Links to developerWorks Reference Library Applications Reference Library Applications Project A: Build a Connection Document Database Project B: Build a Spreadsheet Generator Workflow Applications Workflow Applications Defining a Workflow Application Project: Building a Workflow Database Links to developerWorks Web Applications Web Applications Defining a Web Application Project: Building a Domino Web Site Security Troubleshooting Links to developerWorks Design Enhancements Using LotusScript Design Enhancements Using LotusScript Custom LotusScript Functions and Routines Compare Two Dates Check for an Element in an Array Replace an Element in an Array Remove a Character from a String Remove an Element from an Array Compare Two Arrays Working with Dynamic Arrays Create a Custom Popup Dialog Box Refresh a Document from the User Interface Search for a Document Working with Dates and Times Compute the Day of the Week How to Reference $ Fields How to Set the ReturnReceipt for LotusScript-Generated Email Add Field Validation to a Form Display an Are You Sure? Message Format a Users Name Automatically Update a History Field When a Document Changes Prompt the User to Describe Document Changes and Update the History Log Create a Unique Document Record Number Limit the Ability to Create Documents on a Local Database How to Zero Pad a Text Number How to Add Text to a Rich Text Object How to Attach a File to a Rich Text Object How to Format Text in a Rich Text Object Change Document to Edit Mode Obtain the Current Roles Assigned to a User Generate a Document in Another Database Generate a New Document by Duplicating an Existing Document Prompt in LotusScript Sending Email to Multiple Recipients Using LotusScript Add a View Icon and Mood Stamp to an Email Retrieve and Update NOTES.INI Environment Values Assign One Rich Text Object to Another Rich Text Object Add a Document, View, or Database Link to a Rich Text Field Create a Button to Add a Calendar Event Links to developerWorks Design Enhancements Using Formula Language Design Enhancements Using Formula Language Formula Language Enhancements Compare Two Lists Expand and Collapse All Document Sections Expand and Collapse All View Categories Get the Current Day of the Week Get the Current Month of the Year Create a Formatted Date String Create an Attach File Button Display the Windows File Finder Dialog Create a New Document Create a Last Updated By Field Create a Last Modified On Date Stamp Format a Users Name Hide Text and Design Elements Based on a Users Role Working with @DBColumn Working with @DBLookup Parse a Text String How to Format Field Values Using Input Translation How to Add Field Validation Display an Are You Sure? Warning Message Generate Email Using Formula Language How to Sort a List of Values View Enhancements View Enhancements Create a New Document by Double-Clicking on a Calendar Date Display Documents in a View by Year and Month Display an Icon in a View Retrieve All Views in a Database Retrieve All Columns in a View Retrieve All Columns for Each View in a Database How to Manage Conflict Documents Display All Documents by Form Name Disable the Ability to Paste Documents into a View Links to developerWorks Sample Agents Sample Agents Agent Enhancements Simple Action Agent to Modify All Documents LotusScript Agent to Modify All Documents Containing a Specific Field Value Agent to Manually Generate an Email Report Schedule Agent to Send a Daily, Weekly, or Monthly Email Report Links to developerWorks Miscellaneous Enhancements and Tips for Domino Databases Miscellaneous Enhancements Disable the Ability to Print, Copy, Cut, and Forward Documents Using Field Hints on a Form Using Static Popups to Display Help Messages How to Inherit Fields Between Forms Add an Icon to an Action Button Create a Custom Application Interface How to Set the Field Tab Order on a Form Domino Shortcut Keys Data Management Data Management Importing Data Exporting Data Migrating Data Creating Tables Modifying Data Using a LotusScript Agent Archiving Data Using an Agent Refreshing All Documents Security Security Access Control List Fundamentals Managing Database Access How to Enforce Consistent ACL Settings Across Replicas Encrypt the Database Managing Access to Views Managing Access to Forms and Documents Managing Access to Fields Managing Access to Source Code Hiding a Database Design Hiding a LotusScript Library How to Sign a Database How to Cross Certify Domino Servers Links to developerWorks Application Deployment and Maintenance Application Deployment and Maintenance What Are Templates? Establishing a Development Environment Migrating a Database Design Preserve a Copy of the Database Design Deploying the Production Database The Importance of Database Backups Process Synopsis Links to developerWorks Troubleshooting Troubleshooting Troubleshooting LotusScript Troubleshooting Agents Common Database Problems Where to Find Additional Assistance Links to developerWorks Appendix A. Online Project Files and Sample Applications Appendix A. Online Project Files and Sample Applications About the Online Materials About the Companion Web Site About the Development Tools and Files Folder Installing a Notes Database Appendix B. IBM® Lotus® Notes® and Domino®Whats Next? Appendix B. IBM® Lotus® Notes® and Domino®Whats Next? Developer-Specific Enhancements What Is a Composite Application? Composite Application Development Tools Adding Value into the Future Endnotes show all menu Previous page Table of content Next page Lotus Notes Developers Toolbox: Tips for Rapid and Successful Deployment ISBN: 0132214482 EAN: 2147483647 Year: N/A Pages: 293 Authors: Mark Elliott BUY ON AMAZON Lotus Notes Developers Toolbox: Tips for Rapid and Successful Deployment Working with Forms Check for an Element in an Array Format a Users Name How to Add Field Validation LotusScript Agent to Modify All Documents Containing a Specific Field Value AutoCAD 2005 and AutoCAD LT 2005. No Experience Required Getting to Know AutoCAD Setting Up a Drawing Using Layers to Organize Your Drawing Dimensioning a Drawing Printing an AutoCAD Drawing What is Lean Six Sigma The Four Keys to Lean Six Sigma Key #3: Work Together for Maximum Gain Key #4: Base Decisions on Data and Facts When Companies Start Using Lean Six Sigma Making Improvements That Last: An Illustrated Guide to DMAIC and the Lean Six Sigma Toolkit Java Concurrency in Practice Cancellation and Shutdown JVM Shutdown Short-running GUI Tasks Shared Data Models Choosing Between Synchronized and ReentrantLock .NET-A Complete Development Cycle Conclusion References for Further Reading Design of the Image-Processing Components Using Late Binding Unit Tests Online Store Requirements Python Programming for the Absolute Beginner, 3rd Edition The sys Module Tkinter Overview Typos Happen Roses Are Red, Violets Are Blue; Lists Are Mutable, and So Is Class Foo Appendix B Pragmatics Flylib.com © 2008-2020. If you may any questions please contact us: flylib@qtcs.net Privacy policy This website uses cookies. Click here to find out more. Accept cookies